Monitor file over SSH

To configure an SSH connection as a data collector

1. Navigate to Administration > Data Collectors > Add Data Collector .
2. In the Name box, provide a unique name to identify this data collector.
3. From the Type list, select Monitor File over SSH.

4. Provide the following information, as appropriate:

    

   Field	Description
   Target/Collection Host
   Target Host	Excerpt named targetHost was not found in document xwiki:IT-Operations-Management.Operations-Management.BMC-TrueSight-IT-Data-Analytics.itda11.Administering.Managing-data-collectors.Upload-file.WebHome.
   Collection Host (Agent)	Type or select the collection host depending on whether you want to use the Collection Station or the Collection Agent to perform data collection. The collection host is the computer on which the Collection Station or the Collection Agent is located. By default, the Collection Station is already selected. You can either retain the default selection or select the Collection Agent. Note: For this type of data collector, the target host and collection host are expected to have different values.
   Collector Inputs
   Server Name	Excerpt named server name was not found in document xwiki:IT-Operations-Management.Operations-Management.BMC-TrueSight-IT-Data-Analytics.itda11.Administering.Managing-data-collectors.Upload-file.WebHome.
   Credentials	(Optional) Select one of the following options: Apply security credential to automatically populate the user name and password fields. Then select the appropriate credential (profile) from the Available Credential list that you already configured under Administration > Credentials. Provide Credential to manually add user name and password credentials. Then enter the credentials in the User Name and Password fields. You can also create a credential that uses the manually entered details by clicking Add Credential  next to the Password field.
   User Name	Provide the user name for connecting with the server from which you want to retrieve the data. Note: This field is disabled if you applied a security profile earlier. The product supports only password-based authentication for connecting with the SSH server.
   Password	Provide the password for connecting with the server from which you want to retrieve the data. Click Add Credential , provide a credential name, and click OK to create a new credential (profile) from the credentials that you provided in the user name and password fields. Once this credential is created, it is displayed under Administration > Credentials. Note: This field is disabled if you applied a security credential earlier.
   Directory Path	Provide the absolute path of the data file. To retrieve data files from subdirectories, do not provide the absolute path; instead, provide the path up to the parent directory.
   Include sub-directories	Excerpt named include sub-dir was not found in document xwiki:IT-Operations-Management.Operations-Management.BMC-TrueSight-IT-Data-Analytics.itda11.Administering.Managing-data-collectors.Monitor-file-on-Collection-Agent.WebHome.
   Filename/Rollover Pattern	Specify the file name only, or specify the file name with a rollover pattern to identify subsequent logs. You can use the following wild card characters: Period and asterisk (.*)—Use if you specify details to manually connect to the server containing your log files. The .* characters can be used to replace the changing text. Asterisk (*)—Use if you select the target host and collection host. The * character can be used to replace the changing text. Question mark (?)—Use if you select the target host and collection host. The ? symbol can be used to replace one changing character or number. This field is useful to monitor rolling log files where the log files are saved with the same name but differentiated with the time stamp or a number. Note: Ensure that you specify a rollover pattern for identifying log files that follow the same data format (which means they will be indexed with the same data pattern). Examples: Scenario 1 You have log files that are saved with succeeding numbers once they reach a certain size; for example: IAS0.log IAS1.log IAS2.log In the preceding scenario, you can specify the rollover pattern as IAS?.log. Scenario 2 You have log files that roll over every hour and are saved with the same date but a different time stamp in the YYYY-MM-DD-HH format; for example: 2013-10-01-11.log 2013-10-01-12.log 2013-10-01-13.log In the preceding scenario, you can specify the rollover pattern as 2013-10-01-*.log.
   Time Zone	Excerpt named time zone was not found in document xwiki:IT-Operations-Management.Operations-Management.BMC-TrueSight-IT-Data-Analytics.itda11.Administering.Managing-data-collectors.Upload-file.WebHome.
   Data Pattern
   Pattern	Excerpt named pattern was not found in document xwiki:IT-Operations-Management.Operations-Management.BMC-TrueSight-IT-Data-Analytics.itda11.Administering.Managing-data-collectors.Upload-file.WebHome.
   Date Format	Select a date format to use for indexing the timestamp in the data file. To select an option, you can do one of the following: Filter the relevant data formats that match the file. To find a list of relevant data patterns, click Filter Relevant Data Pattern and Date Formatnext to the Pattern field. Click Refresh to refresh the filtered list and see the complete list of data patterns available. Manually scan through the list available and select a date format. After selecting an option, click Preview parsed log entries to preview the sample data entries parsed. By looking at the preview of records, you can understand how the data will be indexed and be made available for searching. If you do not find a relevant date format, you can also create a new date format by selecting the Create new Date Format option. Notes: If you select both – a pattern and a date format, then the date format specified takes precedence over the date format from the pattern that you selected. So the timestamp is indexed as per the specified date format, and the rest of the data is indexed as per the pattern. If you select only a date format, then the date format is used for indexing the timestamp, while the rest of the data is displayed in a raw format in your search results.
   Poll Interval (mins)	Enter a number to specify the poll interval (in minutes) for the data collection (0 indicates that this is a one-time data collection). By default, this value is set to 1.
   Start/Stop Collection	(Optional) Select this check box if you want to start the data collection immediately.

   Advanced Options

   File Encoding	If your data file uses a character set encoding other than UTF-8 (default), then do one of the following: Filter the relevant character set encodings that match the file. To do this, click Filter relevant charset encoding next to this field. Manually scan through the list available and select an appropriate option. Allow IT Data Analytics to use a relevant character set encoding for your file by manually select the AUTO option.
   Ignore Data Matching Input	(Optional) If you do not want to index certain lines in your data file, then you can ignore them by providing one of the following inputs: Provide a line that consistently occurs in the event data that you want to ignore. This line will be used as the criterion to ignore data during indexing. Provide a Java regular expression that will be used as the criterion for ignoring data matching the regular expression. Example: While using the following sample data, you can provide the following input to ignore particular lines. To ignore the line containing the string, "WARN", you can specify WARN in this field. To ignore lines containing the words both "WARN" and "INFO", you can specify a regular expression .*(WARN|INFO).* in this field. Sample data Sep 25, 2014 10:26:47 AM net.sf.ehcache.config.ConfigurationFactory parseConfiguration():134 WARN: No configuration found. Configuring ehcache from ehcache-failsafe.xml  found in the classpath: Sep 25, 2014 10:26:53 AM com.bmc.ola.metadataserver.MetadataServerHibernateImpl bootstrap():550 INFO: Executing Query to check init property: select * from CONFIGURATIONS where userName = 'admin' and propertyName ='init' Sep 30, 2014 07:03:06 PM org.hibernate.engine.jdbc.spi.SqlExceptionHelper logExceptions():144 ERROR: An SQLException was provoked by the following failure: java.lang.InterruptedException Sep 30, 2014 04:39:27 PM com.bmc.ola.engine.query.ElasticSearchClient indexCleanupOperations():206 INFO: IndexOptimizeTask: index: bw-2014-09-23-18-006 optimized of type: data
   Best Effort Collection	(Optional) If you clear this check box, only those lines that match the data pattern are indexed; all other data is ignored. To index the non-matching lines in your data file, keep this check box selected. Example: The following lines provide sample data that you can index by using the Hadoop data pattern. In this scenario, if you select this check box, all lines are indexed. But if you clear the check box, only the first two lines are indexed. Sample data 2014-08-08 15:15:43,777 INFO org.apache.hadoop.hdfs.server.datanode.DataNode.clienttrace: src: /10.20.35.35:35983, dest: /10.20.35.30:50010, bytes: 991612, op: HDFS_WRITE, cliID: 2014-08-08 15:15:44,053 INFO org.apache.hadoop.hdfs.server.datanode.DataNode: Receiving block blk_-6260132620401037548_683435 src: /10.20.35.35:35983 dest: /10.20.35.30:50010 2014-08-08 15:15:49,992 IDFSClient_-19587029, offset: 0, srvID: DS-731595843-10.20.35.30-50010-1344428145675, blockid: blk_-8867275036873170670_683436, duration: 5972783 2014-08-08 15:15:50,992 IDFSClient_-19587029, offset: 0, srvID: DS-731595843-10.20.35.30-50010-1344428145675, blockid: blk_-8867275036873170670_683436, duration: 5972783
   Host Key Fingerprint	(Optional) Provide the fingerprint of the RSA host key to connect with the server from which you want to retrieve the data. This is the host key that is configured to be used by the SSH server with which you want to connect. Example: bc:e1:44:56:bd:b1:4d:b9:6f:4c:a4:ca:07:69:5c:66 Tip: To get the RSA host key fingerprint, you might want to contact your SSH server administrator. For more information, see About-the-SSH-host-key-fingerprint (BMC contributor page).

   Tags (optional)

   Inherit Host Level Tags From Target Host	Select this check box to inherit your tag selections associated with the target host that you selected earlier. This option is not applicable if you did not select a target host.
   Select Tag name	You can manually add tags by selecting one of the tags in the list, specifying a corresponding value, and clicking Add . The list of added tags is displayed in the Tags pane on the Search tab. Click Remove Tag to remove a tag.

   Group Access (optional)

   Inherit Host Level Access Groups From Target Host

   Select this check box to inherit your group access configurations associated with the target host that you selected earlier. This option is not applicable if you did not select a target host.

   Select All Groups

   Select this option if you want to select all user groups. You can also manually select multiple user groups. If you do not select any user groups and data access control is not enabled, then by default all users can access data retrieved by this data collector. You can restrict access permissions by selecting the relevant user groups that must be given access permissions. To enable data access control, navigate to Administration > System Settings. If you do not select any user group and data access control is enabled, then only the creator of the data collector has access to data retrieved by this data collector. For more information, see Managing-user-groups.

5. Click Create to save your changes.

What to do if an error occurs

To understand the troubleshooting scenarios related to this data collector, see Common-troubleshooting-issues with the Category filter set to Data collection.